CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-46716 – dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor
https://notcve.org/view.php?id=CVE-2024-46716
In the Linux kernel, the following vulnerability has been resolved: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor Remove list_del call in msgdma_chan_desc_cleanup, this should be the role of msgdma_free_descriptor. In consequence replace list_add_tail with list_move_tail in msgdma_free_descriptor. This fixes the path: msgdma_free_chan_resources -> msgdma_free_descriptors -> msgdma_free_desc_list -> msgdma_free_descriptor which does not correctly free the descriptors as first nodes were not removed from the list. • https://git.kernel.org/stable/c/a3480e59fdbe5585d2d1eff0bed7671583acf725 https://git.kernel.org/stable/c/20bf2920a869f9dbda0ef8c94c87d1901a64a716 https://git.kernel.org/stable/c/db67686676c7becc1910bf1d6d51505876821863 https://git.kernel.org/stable/c/54e4ada1a4206f878e345ae01cf37347d803d1b1 •
CVSS: -EPSS: 0%CPEs: 4EXPL: 0CVE-2024-46715 – driver: iio: add missing checks on iio_info's callback access
https://notcve.org/view.php?id=CVE-2024-46715
In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iio_info's callback access Some callbacks from iio_info structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a kernel oops such as: [ 2203.527791] Unable to handle kernel NULL pointer dereference at virtual address 00000000 when execute [...] [ 2203.783416] Call trace: [ 2203.783429] iio_read_channel_info_avail from dev_attr_show+0x18/0x48 [ 2203.789807] dev_attr_show from sysfs_kf_seq_show+0x90/0x120 [ 2203.794181] sysfs_kf_seq_show from seq_read_iter+0xd0/0x4e4 [ 2203.798555] seq_read_iter from vfs_read+0x238/0x2a0 [ 2203.802236] vfs_read from ksys_read+0xa4/0xd4 [ 2203.805385] ksys_read from ret_fast_syscall+0x0/0x54 [ 2203.809135] Exception stack(0xe0badfa8 to 0xe0badff0) [ 2203.812880] dfa0: 00000003 b6f10f80 00000003 b6eab000 00020000 00000000 [ 2203.819746] dfc0: 00000003 b6f10f80 7ff00000 00000003 00000003 00000000 00020000 00000000 [ 2203.826619] dfe0: b6e1bc88 bed80958 b6e1bc94 b6e1bcb0 [ 2203.830363] Code: bad PC value [ 2203.832695] ---[ end trace 0000000000000000 ]--- • https://git.kernel.org/stable/c/0cc7e0ee31e5c44904e98e2229d591e093282a70 https://git.kernel.org/stable/c/72f022ebb9deac28663fa4c04ba315ed5d6654d1 https://git.kernel.org/stable/c/dc537a72f64890d883d24ae4ac58733fc5bc523d https://git.kernel.org/stable/c/c4ec8dedca961db056ec85cb7ca8c9f7e2e92252 •
CVSS: -EPSS: 0%CPEs: 7EXPL: 0CVE-2024-46714 – drm/amd/display: Skip wbscl_set_scaler_filter if filter is null
https://notcve.org/view.php?id=CVE-2024-46714
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip wbscl_set_scaler_filter if filter is null Callers can pass null in filter (i.e. from returned from the function wbscl_get_filter_coeffs_16p) and a null check is added to ensure that is not the case. This fixes 4 NULL_RETURNS issues reported by Coverity. • https://git.kernel.org/stable/c/0364f1f17a86d89dc39040beea4f099e60189f1b https://git.kernel.org/stable/c/c083c8be6bdd046049884bec076660d4ec9a19ca https://git.kernel.org/stable/c/6d94c05a13fadd80c3e732f14c83b2632ebfaa50 https://git.kernel.org/stable/c/1726914cb17cedab233820d26b86764dc08857b4 https://git.kernel.org/stable/c/e3a95f29647ae45d1ec9541cd7df64f40bf2120a https://git.kernel.org/stable/c/54834585e91cab13e9f82d3a811deb212a4df786 https://git.kernel.org/stable/c/c4d31653c03b90e51515b1380115d1aedad925dd •
CVSS: -EPSS: 0%CPEs: 6EXPL: 0CVE-2024-46713 – perf/aux: Fix AUX buffer serialization
https://notcve.org/view.php?id=CVE-2024-46713
In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization Ole reported that event->mmap_mutex is strictly insufficient to serialize the AUX buffer, add a per RB mutex to fully serialize it. Note that in the lock order comment the perf_event::mmap_mutex order was already wrong, that is, it nesting under mmap_lock is not new with this patch. • https://git.kernel.org/stable/c/45bfb2e50471abbbfd83d40d28c986078b0d24ff https://git.kernel.org/stable/c/7882923f1cb88dc1a17f2bf0c81b1fc80d44db82 https://git.kernel.org/stable/c/52d13d224fdf1299c8b642807fa1ea14d693f5ff https://git.kernel.org/stable/c/9dc7ad2b67772cfb94ceb3b0c9c4023c2463215d https://git.kernel.org/stable/c/c4b69bee3f4ef76809288fe6827bc14d4ae788ef https://git.kernel.org/stable/c/b9b6882e243b653d379abbeaa64a500182aba370 https://git.kernel.org/stable/c/2ab9d830262c132ab5db2f571003d80850d56b2a •
CVSS: -EPSS: 0%CPEs: 1EXPL: 0CVE-2024-46712 – drm/vmwgfx: Disable coherent dumb buffers without 3d
https://notcve.org/view.php?id=CVE-2024-46712
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Disable coherent dumb buffers without 3d Coherent surfaces make only sense if the host renders to them using accelerated apis. Without 3d the entire content of dumb buffers stays in the guest making all of the extra work they're doing to synchronize between guest and host useless. Configurations without 3d also tend to run with very low graphics memory limits. The pinned console fb, mob cursors and graphical login manager tend to run out of 16MB graphics memory that those guests use. Fix it by making sure the coherent dumb buffers are only used on configs with 3d enabled. • https://git.kernel.org/stable/c/af6441e6f3d41e95bfc5bfc11960c259bb4f0f11 https://git.kernel.org/stable/c/c45558414b8f2e0b9dc34eb8f9d4e8359b887681 https://git.kernel.org/stable/c/e9fd436bb8fb9b9d31fdf07bbcdba6d30290c5e4 •